USENIX Conference Policies
Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies
Vinod Anupam and Alain Mayer, Bell Laboratories, Lucent Technologies
While conducting a security analysis of JavaScript and VBScript, the most popular scripting languages on the Web, we found some serious flaws. Motivated by this outcome, we propose steps towards a sound definition and design of a security framework for scripting languages on the Web. We show that if such a security framework had been integrated into the respective scripting languages from the very beginning, the probability of preventing the multiple security flaws, that we and other research groups identified, would have been greatly increased.
BibTeX
@inproceedings {261404,
author = {Vinod Anupam and Alain Mayer},
title = {Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies},
booktitle = {7th USENIX Security Symposium (USENIX Security 98)},
year = {1998},
address = {San Antonio, TX},
url = {https://www.usenix.org/conference/7th-usenix-security-symposium/security-web-browser-scripting-languages-vulnerabilities},
publisher = {USENIX Association},
month = jan
}
author = {Vinod Anupam and Alain Mayer},
title = {Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies},
booktitle = {7th USENIX Security Symposium (USENIX Security 98)},
year = {1998},
address = {San Antonio, TX},
url = {https://www.usenix.org/conference/7th-usenix-security-symposium/security-web-browser-scripting-languages-vulnerabilities},
publisher = {USENIX Association},
month = jan
}